Editing Vulnerabilities
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 204: | Line 204: | ||
See the [https://www.psdevwiki.com/ps4/Vulnerabilities#FW_%3C=_11.00_-_Remote_vulnerabilities_in_spp_(yielding_kernel_ASLR_defeat)_(CVE-2006-4304_and_no-CVE) PS4 wiki]. | See the [https://www.psdevwiki.com/ps4/Vulnerabilities#FW_%3C=_11.00_-_Remote_vulnerabilities_in_spp_(yielding_kernel_ASLR_defeat)_(CVE-2006-4304_and_no-CVE) PS4 wiki]. | ||
Note that kernel ASLR defeat is currently not working on PS5 and there are protections remaining before being able to | Note that kernel ASLR defeat is currently not working on PS5 and there are protections remaining before being able to | ||
=== Patched === | === Patched === | ||
Line 329: | Line 329: | ||
* Discovered by Specter (2023-07-01) and Flatz (before 2023-07-27). | * Discovered by Specter (2023-07-01) and Flatz (before 2023-07-27). | ||
* This makes Hypervisor exploitation easier as it can be triggered by usermode directly without the need of a kernel exploit. | * This makes Hypervisor exploitation easier as it can be triggered by usermode directly without the need of a kernel exploit. | ||
* See [[Hypervisor#In-Kernel_Hypervisor_.28.3C.3D_2.50.29]] and [https://wololo.net/2023/07/02/ps5-specterdev-shares-details-on-in-kernel-hypervisor-earlier-versions-of-the-ps5-hypervisor-found-in-firmwares/ wololo article (2023-07-02)]. | * See [[Hypervisor#In-Kernel_Hypervisor_.28.3C.3D_2.50.29]] and [https://wololo.net/2023/07/02/ps5-specterdev-shares-details-on-in-kernel-hypervisor-earlier-versions-of-the-ps5-hypervisor-found-in-firmwares/ wololo article (2023-07-02)]. | ||
* Patched since PS5 FW 3.00. | * Patched since PS5 FW 3.00. |